Note: All the information on this post has been copied from the TechSupport article here.Įvery major antimalware vendor has a dedicated E-mail address through which new samples can be submitted. Another answer gives links to forms where you can upload malware samples to two anti-virus vendors, but that's just two of the dozens of vendors out there - if I need to submit directly to A/V vendors, I am hoping for a more comprehensive list that is easy to refer to. One answer mentions Virustotal, but it doesn't answer my question of whether submitting to Virustotal actually works, in terms of notifying A/V vendors to trigger analysis. Unknown malware, how to report it and whom to report it to? asks a related question in a more specific situation. Where to report malicious URLs, phishing, and malicious web sites? provides a list of where to report phishing web sites and other malicious web sites, but it doesn't say where to submit malware samples. I've looked, but I haven't found an answer on this site. So it makes me wonder whether uploading it to Virustotal is enough.) I've heard of plenty cases of malware that had been uploaded to Virustotal for months or years before any antivirus engine started detecting it. I didn't see any user interface in Virustotal where I indicate "yes, this really is malicious, even though no one detected it", so I wonder if it will get lost in amongst all the other benign samples. (It's not obvious to me how anti-virus vendors would know that my sample is malicious, just because it was uploaded to Virustotal. Will submitting the sample be enough for antivirus engines to know that it is malicious and should have been detected, and trigger them to analyze it and develop a signature/detector for it? Will that be sufficient? Currently few or no antivirus engines detect this malware. What is the best and easiest way to get it to as many anti-virus vendors as possible, to help them detect it? Is there a list of sites where I should upload the sample, or email addresses where I should send it to? I want to do a good turn and help protect as many people as possible. Will give you zero virus and malware detections.īest regards and good luck cleaning your device.I have a new piece of malware that isn't detected by current anti-virus vendors. 70 different antivirus and anti-malware engines at once. Note: on your pc, you can scan your download sources beforehand, without downloading it, by submitting the download link to as it will there be scanned by appx. Please also be aware of many other scam application that exist on insecure mobile platforms, on cellulars and tablets without a sandbox capable operating system. There is also no legit release, which you could download via play store, as notepad++ is a windows/wine application only, and not available for android devices. Welcome to the notepad++ community, only download notepad++ from the official source. Many thanks for your question and best regards If it is required to verify the authenticity of applications completely, regardless if they are already implemented, or a future implementation is being evaluated, you will have to go through all steps. Note that your security group and corporate security policy comes first under all circumstances. To answer your question, if it is really necessary to go through all the needed steps to verify the gpg signature: it is always a choice of logic and trust, combined with clearance. The best practice, if your security group is alerted by a single positive, is to wait for an adequate period of time, without implementing the software in question.Ī valid positive will, in time, always result in more engines detecting an application as a thread. This is not the first time, that clean software is detected as false positive by engines. We are aware of the current jiangmin false positive, as well as the dns8 flag for the main download site. Welcome to the notepad++ community, the virustotal scan has more value than a windows code signing certificate.Ī windows code signing certificate mainly omits the windows publisher warning, but anyone in possession of a windows code signing cert will still be able to code sign malware.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |